search

byt3bl33d3r / CrackMapExec

A swiss army knife for pentesting networks
BSD 2-Clause "Simplified" License
8.35k stars 1.64k forks source link

Empire Launcher no longer works #764

Closed zildac closed 1 year ago

zildac commented 1 year ago

Describe the bug When attempting to launch the empire_exec module the following error is issued:

[-] Unable to connect to Empire's RESTful API: HTTPSConnectionPool(host='0.0.0.0', port=1337): Max retries exceeded with url: /api/admin/login (Caused by SSLError(SSLError(1, '[SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:992)'))) The following error can be seen in the Empire Server log:

[WARNING]: Invalid HTTP request received. Traceback (most recent call last): File "/usr/lib/python3/dist-packages/uvicorn/protocols/http/h11_impl.py", line 129, in handle_events event = self.conn.next_event() ^^^^^^^^^^^^^^^^^^^^^^ File "/usr/lib/python3/dist-packages/h11/_connection.py", line 487, in next_event exc._reraise_as_remote_protocol_error() File "/usr/lib/python3/dist-packages/h11/_util.py", line 77, in _reraise_as_remote_protocol_error raise self File "/usr/lib/python3/dist-packages/h11/_connection.py", line 469, in next_event event = self._extract_next_receive_event() ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/lib/python3/dist-packages/h11/_connection.py", line 411, in _extract_next_receive_event event = self._reader(self._receive_buffer) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/lib/python3/dist-packages/h11/_readers.py", line 79, in maybe_read_from_IDLE_client raise LocalProtocolError("illegal request line") h11._util.RemoteProtocolError: illegal request line

To Reproduce Attemp to run the empire_exec module using the latest version of CME and Empire (BC Security) and observe the CME error and Empire server error present in the log.

Expected behavior CME should connect to Empire and create a stager for the specified listener.

Screenshots If applicable, add screenshots to help explain your problem.

Crackmapexec info

Additional context Add any other context about the problem here.

Marshall-Hallenbeck commented 1 year ago

I can confirm this is broken. Empire changed their API in v5 and the module was not updated to match.

I have fixed this in my working branch, and once tested and approved it can be pushed to sponsors.

zildac commented 1 year ago

Thanks!.. Sponsored 👍